Posted
by
timothy
on Sunday September 26, 2010 @01:47PM
from the now-with-less-italian dept.

EqualSlash writes "The Arduino Project is releasing two new boards — Arduino Uno to replace Duemilanove and Arduino Mega 2560 to replace the existing Arduino Mega board. With Uno, the board is not just getting a new pronunciation-friendly name but also has a custom-made USB-serial converter to replace the older FTDI chipset, thereby removing the need to install drivers (they now have their own USB Vendor ID). It now has a logo and stylish packaging, and soon will have its own branded web store. A new Ethernet integrated board and a tinkering toolkit will be made available shortly."

How do you make a new custom usb to serial chipset, with a new vendor id, that doesn't require drivers?

I'm no expert, but have used PL230x chipset cables and FTDI cables, and both required some kind of driver under OS X. I think windows may have included the PL230x driver, but not the FTDI. And Linux includes drivers for both. But if I took the FTDI or PL230x chipset and changed its vendor id, then the driver under linux won't detect it by default.

So how is it that a new custom chipset with a new vendor id requires no drivers? Is there a standard for USB->serial that if you follow you don't need a driver? (and why do most cables not support it if there is?)

just wondering...

Also, since the pl230x chipset is a pain the ___ at times due to inconsistent implementations in cables and buggy drivers, I certainly hope they don't make things worse. FTDI has been the gold standard in my experience.

The only standardised USB class for serial-like USB devices is the CDC ACM class. That's driver-free under Linux and Mac OS, but it's not exactly driver-free under Windows - you still have to install a.inf file to tell the driver shipped with Windows to actually load. In practice, for Windows users it's not really better than any of the proprietary driver-required solutions.

That's one of the great things about the Arduino - most of the hardware "magic" is really just the built-in capabilities of the Atmel AVR micro-controller. If you don't need to use a "shield" (daughterboard), there's plenty of simpler (and cheaper) clones for more specific purposes. They just need to be programmed with the Arduino bootloader (which they usually are) and the Arduino IDE will program it just fine.

by 'ethernet' I've meant 'tcp/ip on a chip' kind of service. I wasn't at all being strictly literal.

'ethernet' kind of implies ip level service when used in conversation. I agree its technically wrong (I used to develop/teach networking courses) but when they (the arduino guys) call it an 'ethernet shield' and yet allow you to use the onboard webserver (??) you know its a lot more than just layers 1 and 2.

at some point, I really can envision 'security on a chip' or firewall chips being so easy to just plugin and deploy that they can be integrated in embedded systems. but the arduino ethernet shield (the thing we're talking about) just has no way to have firewalling as a plugin and I think that's a technical mistake that makes the shield kind of useless to me. maybe its good for learning in the lab but its useless to deploy in the real world.

for a physical device that can turn things on and off in the real world (including ruining/damaging things) you NEED security. I just firmly believe this. no firewall, no hosts.allow, no nothing. not authentication or encryption or MAC access control, just like TRULY nothing. I find that unacceptable in a real-world device.

So what you need is to run two networks.

Have your computer LAN, and your hardware HAN.

All your embedded devices, PLCs, PICs, and Arduinos connect to the HAN which has no internet connection.Take one of the mentioned $50 router devices, or an PC running Linux with two network cards, and use that to bridge between your HAN and LAN. Put all the security in that now-a-firewall computer.

That will protect your real world interfacing devices from random guest computers plugged in your LAN or on your home wifi, or even FSM-forbid an infected windows PC of your own, or even a misconfigured linux system.

And since your LAN should be bridged to the Internet/WAN by a similar firewall/router device, that is two layers of protection between the Internet and your real world controlling devices.

This will limit the attack vector down to a single firewall, and physical access.Since we are likely talking about your home, or at least one building, you can handle the physical access easily enough by running network cabling as needed, or at least not providing easy to reach wall connectors to jack in (Unlike most LANs, which may have such easy access)

Using a Linux box as the firewall between LAN and HAN will give you the benefit of having a bunch of scripts to control any arduino/pic/plc/whatever from a single place, but the ability to run apache-ssl with more than basic-authentication if you desire. Then you can have web based controls and pretty graphs or pictures for status displays, all over SSL.

I fully agree that security is important and even a requirement to have, but I would rather keep the bulk of that on one machine, and limit all the embedded hardware so only that one machine can reach it.This keeps the prices of the chips way low, and dumps the hard work of encryption and access control on a general purpose machine more designed for that sort of thing.

If you are super paranoid, you can build a serial cable that only connects the HANs TX line to your LANs RX line, a one way serial port so to speak, and let the devices talk out for logging/status reporting purposes. Leave the control functions to those who have physical access to the console.

Interesting that this story would pop up now. I have recently been thinking about getting into tinkering with microcontrollers. I've always had deep respect for what people used to be able to do with, say, a 6502 and a few kB of code. I think it would be great fun to try my hand at that. However, I have some special requirements that seem to be difficult to meet:

First of all, I would like to interface with hardware I already have. Particularly, video, input, and Ethernet. So it would be really great if I could get a board with VGA out, USB host or on-the-go, and Ethernet, although other combinations are possible (e.g. Ethernet not on the board, but via a USB device).

Secondly, I have virtually no experience with electronics, so I need something that is really easy to get started with. Of course, I am doing this in part because I want to learn, so if it's better to do a few simpler projects first to get the needed skills, I am open to that, too.

Thirdly, I want the device that will be running things to be _cheap_. I am thinking max 20 USD. That's for being able to run some simple software (doesn't need a lot of RAM or ROM, as long as more storage can be added) with video output, keyboard input, and network access. If I need some extra expenses to bootstrap things (e.g. some extra hardware to write the ROM), that's ok, but I want to basically be able to tell my friends "for under 20 dollars, you can get one of these computers and run all this great software, too".

Within these constraints, I would like to get the most bang for the buck that I can get. It doesn't have to be an 6502. If I can get an 68k or an ARM or an FPGA (given enough gates, of course), that would be grand.

I am really excited about the Beagle Board, but that's far outside my budget. I've looked at DigiKey's catalog, and there are many chips there that look promising, but frankly, I'm drowning in information, choices, and unfamiliar terminology for the moment. Perhaps one of the Arduino knock-offs will fit the bill. Uzebox looks really exciting, too. I feel that what I have in mind is out there somewhere, I just haven't found it yet. If someone could help me on my way, I would greatly appreciate that.